Documentation

1. Preparing for the Tower Installation

This guide helps you get your Ansible Tower installation up and running as quickly as possible.

At the end of the installation, using your web browser, you can access and fully utilize Tower.

1.1. Installation and Reference guide

While this guide covers the basics, you may find that you need the more detailed information available in the Installation and Reference Guide.

You should also review the General Installation Notes before starting the installation.

1.2. Prerequisites and Requirements

For platform information, refer to Installation Notes in the Ansible Tower Installation and Reference Guide.

Note

Tower is a full application and the installation process installs several dependencies such as PostgreSQL, Django, NGINX, and others. It is required that you install Tower on a standalone VM or cloud instance and do not co-locate any other applications on that machine (beyond possible monitoring or logging software). Although Tower and Ansible are written in Python, they are not just simple Python libraries. Therefore Tower cannot be installed in a Python virtualenv, a Docker container, or any similar subsystem; you must install it as described in the installation instructions in this guide.

Ansible Tower has the following requirements:

  • Supported Operating Systems:

    • Red Hat Enterprise Linux 7.2 or later 64-bit
    • CentOS 7.2 or later 64-bit
    • Ubuntu 14.04 LTS 64-bit
    • Ubuntu 16.04 LTS 64-bit

Note

Ansible Tower requires Red Hat Enterprise Linux 7.2 or later.

  • A currently supported version of Mozilla Firefox or Google Chrome

    • Other HTML5 compliant web browsers may work but are not fully tested or supported.
  • 2 CPUs minimum

    • 2 CPUs recommended per 20 forks
  • 2 GB RAM minimum (4+ GB RAM recommended)

    • 2 GB RAM (minimum and recommended for Vagrant trial installations)
    • 4 GB RAM is recommended per 100 forks
  • 20 GB of dedicated hard disk space for Tower service nodes

    • 10 GB of the 20 GB requirement must be dedicated to /var/, where Tower stores its files and working directories (dedicating less space will cause the installation to fail)
  • 64-bit support required (kernel and runtime)

  • For Amazon EC2:

    • Instance size of m3.medium or larger
    • An instance size of m3.xlarge or larger if there are more than 100 hosts
  • For System Tracking data storage:

    • If you plan to utilize Tower’s system tracking, the following guidelines provide a rough estimate for the amount of space required. The basic calculation is:

      (number of hosts in inventory) * (number of scans) * ((average module fact size) * (number of modules scanning) / 3)

    • For example, assuming a schedule of 1 scan per day for a year:

      (hosts = 1,000) * (number of scans = 365) * ((average module fact size = 100 kb) * (number of modules = 4) / 3) = 48 GB

    The default scan operation has the four (4) modules listed, but you can add your own. Depending on the kinds of modules and the size of the facts you are gathering, that size might be larger.

    To help keep the size down, you can use a management job to purge old facts. Refer to Management Jobs in the Ansible Tower Administration Guide for more information

    Note

    Ansible Tower 3.0 moved away from MongoDB in favor of using Postgres. The new Postgres data-type consumes about one-third (1/3) less space than the equivalent human-readable JSON with no whitespace or newlines. If you are using an older version of Ansible Tower, you should use the following example to determine how much space may be required:

    (hosts = 1,000) * (number of scans = 365) * (average module fact size = 100 kb) * (number of modules = 4) = 146 GB

1.3. Additional Notes on Tower Requirements

While other operating systems may technically function, currently only the above list is supported to host an Ansible Tower installation. If you have a firm requirement to run Tower on an unsupported operating system, please contact Ansible via the Red Hat Customer portal at https://access.redhat.com/. Management of other operating systems (nodes) is documented by the Ansible project itself and allows for a wider list.

Actual RAM requirements vary based on how many hosts Tower will manage simultaneously (which is controlled by the forks parameter in the job template or the system ansible.cfg file). To avoid possible resource conflicts, Ansible recommends 4 GB of memory per 100 forks. For example, if forks is set to 100, 4 GB of memory is recommended; if forks is set to 400, 16 GB of memory is recommended.

For the hosts on which we install Ansible Tower, Tower checks whether or not umask is set to 0022. If not, the setup fails. Be sure to set umask=0022 to avoid encountering this error.

A larger number of hosts can of course be addressed, though if the fork number is less than the total host count, more passes across the hosts are required. These RAM limitations are avoided when using rolling updates or when using the provisioning callback system built into Tower, where each system requesting configuration enters a queue and is processed as quickly as possible; or in cases where Tower is producing or deploying images such as AMIs. All of these are great approaches to managing larger environments. For further questions, please contact Ansible via the Red Hat Customer portal at https://access.redhat.com/.

The requirements for systems managed by Tower are the same as for Ansible at: http://docs.ansible.com/intro_getting_started.html

1.4. Ansible Software Requirements

While Ansible Tower depends on Ansible Playbooks and requires the installation of the latest stable version of Ansible before installing Tower, manual installations of Ansible are no longer required.

Beginning with Ansible Tower version 2.3, the Tower installation program attempts to install Ansible as part of the installation process. Previously, Tower required manual installations of the Ansible software release package before running the Tower installation program. Now, Tower attempts to install the latest stable Ansible release package.

If performing a bundled tower installation, the installation program attempts to install Ansible (and its dependencies) from the bundle for you (refer to Using the Bundled Tower Installation Program for more information).

If you choose to install Ansible on your own, the Tower installation program will detect that Ansible has been installed and will not attempt to reinstall it. Note that you must install Ansible using a package manager like yum and that the latest stable version must be installed for Ansible Tower to work properly.

For convenience, summaries of those instructions are in the following sections.

1.5. Platform-specific Installation Notes

1.5.1. Notes for Red Hat Enterprise Linux and CentOS setups

  • PackageKit can frequently interfere with the installation/update mechanism. Consider disabling or removing PackageKit if installed prior to running the setup process.
  • Only the “targeted” SELinux policy is supported. The targeted policy can be set to disabled, permissive, or enforcing.
  • When performing a bundled install (refer to Using the Bundled Tower Installation Program for more information), Red Hat Enterprise Linux customers must enable the following repositories which are disabled by default:
    • Red Hat Enterprise Linux 7 users must enable the extras repositories.

1.5.2. Configuration and Installation of Ansible with Red Hat Enterprise Linux and CentOS

The following steps help you configure access to the repository as well as install Ansible on older versions of Tower.

1.5.2.1. Configure Repository Access

Configure the EPEL repository and any others needed.

As the root user, for Red Hat Enterprise Linux 7 and CentOS 7

root@localhost:~$ yum install http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Note

  • You may also need to enable the extras repository specific for your environment:
    • extras on CentOS 7
    • rhel-7-server-extras-rpms on Red Hat Enterprise Linux 7
    • rhui-REGION-rhel-server-extras when running in EC2.
  • When using the official Red Hat Enterprise Linux 7 marketplace AMI, ensure that the latest rh-amazon-rhui-client package that allows enabling the optional repository (named rhui-REGION-rhel-server-optional in EC2) is installed.

1.5.2.2. Install Ansible

Note

Tower is installed using Ansible playbooks; therefore, Ansible is required to complete the installation of Tower.

Beginning with Ansible Tower version 2.3.0, Ansible is installed automatically during the setup process.

If you are using an older version of Tower, prior to version 2.3.0, Ansible can be installed as detailed in the Ansible documentation at: http://docs.ansible.com/intro_installation.html

For convenience, those installation instructions are summarized below.

root@localhost:~$ yum install ansible

1.5.3. Configuration and Installation of Ansible with Ubuntu

The following steps help you configure access to the repository as well as install Ansible on older versions of Tower.

1.5.3.1. Configure Repository Access

As the root user, configure Ansible PPA:

root@localhost:~$ apt-get install software-properties-common
root@localhost:~$ apt-add-repository ppa:ansible/ansible

1.5.3.2. Install Ansible

Note

Tower is installed using Ansible playbooks; therefore, Ansible is required to complete the installation of Tower.

Beginning with Ansible Tower version 2.3.0, Ansible is installed automatically during the setup process.

If you are using an older version of Tower, prior to version 2.3.0, Ansible can be installed as detailed in the Ansible documentation at: http://docs.ansible.com/intro_installation.html

For convenience, those installation instructions are summarized below.

root@localhost:~$ apt-get update
root@localhost:~$ apt-get install ansible

1.6. Tower Installation Scenarios

Tower can be installed using one of the following scenarios:

Single Machine:

  • As an integrated installation:
    • This is a single machine install of Tower - the web frontend, REST API backend, and database are all on a single machine. This is the standard installation of Tower. It also installs PostgreSQL from your OS vendor repository, and configures the Tower service to use that as its database.
  • With an external database (2 options available):
    • Tower with remote DB configuration: This installs the Tower server on a single machine and configures it to talk to a remote instance of PostgreSQL 9.4.X as its database. This remote PostgreSQL can be a server you manage, or can be provided by a cloud service such as Amazon RDS.
    • Tower with a playbook install of a remote Postgres system: This installs the Tower server on a single machine and installs a remote Postgres database via the playbook installer (managed by Tower).

Note

1). Tower will not configure replication or failover for the database that it uses, although Tower should work with any replication that you have. 2). The database server should be on the same network or in the same datacenter as the Tower server for performance reasons.

High Availability Multi-Machine Cluster:

Tower can be installed in a high availability cluster mode. In this mode, multiple tower nodes are installed and active. Any node can receive http requests and all nodes can execute jobs.

  • A Clustered Tower setup must be installed with an external database (2 options available):
    • Tower with remote DB configuration: This installs the Tower server on a single machine and configures it to talk to a remote instance of PostgreSQL as its database. This remote PostgreSQL can be a server you manage, or can be provided by a cloud service such as Amazon RDS.
    • Tower with a playbook install of a remote Postgres system: This installs the Tower server on a single machine and installs a remote Postgres database via the playbook installer (managed by Tower).
  • For more information on configuring a clustered setup, refer to Clustering.

Note

Running in a cluster setup requires any database that Tower uses to be external–Postgres must be installed on a machine that is not one of the primary or secondary tower nodes. When in a redundant setup, the remote Postgres version requirements is PostgreSQL 9.4.X.